Unix and Linux Discussions Tagged with kerberos |
|
Thread / Thread Starter |
Last Post |
Replies |
Views |
Forum |
|
|
|
3 |
4,977 |
Solaris |
|
|
|
1 |
1,389 |
Solaris |
|
|
|
1 |
5,711 |
UNIX and Linux Applications |
|
|
|
2 |
13,412 |
AIX |
|
|
|
8 |
10,125 |
Shell Programming and Scripting |
|
|
|
3 |
29,199 |
AIX |
|
|
|
1 |
4,235 |
AIX |
|
|
|
1 |
3,816 |
UNIX for Advanced & Expert Users |
|
|
|
0 |
8,514 |
Red Hat |
|
|
|
3 |
5,798 |
Solaris |
|
|
|
0 |
9,695 |
Programming |
|
|
|
0 |
10,004 |
Linux |
|
|
|
2 |
4,968 |
UNIX for Dummies Questions & Answers |
|
|
|
2 |
3,841 |
Programming |
|
|
|
0 |
5,047 |
AIX |
|
|
|
0 |
6,490 |
Solaris |
|
|
|
0 |
1,149 |
Security Advisories (RSS) |
|
|
|
0 |
1,152 |
Security Advisories (RSS) |
|
|
|
2 |
3,608 |
Solaris |
|
|
|
2 |
5,499 |
UNIX for Advanced & Expert Users |
|
|
|
1 |
8,593 |
Cybersecurity |
|
|
|
8 |
16,219 |
Cybersecurity |
|
|
|
1 |
4,952 |
Cybersecurity |
ipa-rmkeytab(1) IPA Manual Pages ipa-rmkeytab(1)
NAME
ipa-rmkeytab - Remove a kerberos principal from a keytab
SYNOPSIS
ipa-rmkeytab [ -p principal-name ] [ -k keytab-file ] [ -r realm ] [ -d ]
DESCRIPTION
Removes a kerberos principal from a keytab.
Kerberos keytabs are used for services (like sshd) to perform kerberos authentication. A keytab is a file with one or more secrets (or
keys) for a kerberos principal.
A kerberos service principal is a kerberos identity that can be used for authentication. Service principals contain the name of the ser-
vice, the hostname of the server, and the realm name.
ipa-rmkeytab provides two ways to remove principals. A specific principal can be removed or all principals for a given realm can be
removed.
All encryption types and versions of a principal are removed.
The realm may be included when removing a specific principal but it is not required.
NOTE: removing a principal from the keytab does not affect the Kerberos principal stored in the IPA server. It merely removes the entry
from the local keytab.
OPTIONS
-p principal-name
The non-realm part of the full principal name.
-k keytab-file
The keytab file to append the principal(s) from.
-r realm
A realm to remove all principals for.
-d Debug mode. Additional information is displayed.
EXAMPLES
Remove the NFS service principal on the host foo.example.com from /tmp/nfs.keytab.
# ipa-rmkeytab -p nfs/foo.example.com -k /tmp/nfs.keytab
Remove the ldap service principal on the host foo.example.com from /etc/krb5.keytab.
# ipa-rmkeytab -p ldap/foo.example.com -k /etc/krb5.keytab
Remove all principals for the realm EXAMPLE.COM.
# ipa-rmkeytab -r EXAMPLE.COM -k /etc/krb5.keytab
EXIT STATUS
The exit status is 0 on success, nonzero on error.
1 Kerberos initialization failed
2 Memory allocation error
3 Unable to open keytab
4 Unable to parse the principal name
5 Principal name or realm not found in keytab
6 Unable to remove principal from keytab
IPA
Oct 30 2009 ipa-rmkeytab(1)